Rapid7 Blog

POST STATS:

SHARE

Blogsplosion!

If you've been following along, you'll have noticed that we published just about a post a day here this week, which makes my job of bringing the weekly update to you, dear reader, that much easier. So, I'll keep this week's update pretty short. Here's a link farm covering what was discussed from Joe, OJ, sinn3r, and HD. They're all really fun and informative reads from fun and informative people, as you'd expect.

Meterpreter Survey 2015
HD discusses the results of the Metepreter survey held in February, where we're going with payload development, and what you can do to help.

Unicode Support in Meterpreter
Brent discusses the storied history of character encoding, and why you needn't care about it any more in Meterpreter sessions.

Kali Dev Docs

Also this week, we're deepening our commitment to the Kali Linux user community by overhauling our Metasploit Development Environment Setup docs. If you're a habitual Kali hacker, we now have a pretty well documented means to get you up to speed with a modern Metasploit dev environment. It's been a long time coming, and replaces the old http://r-7.co/MSF-DEV wiki completely.

Once the tires are sufficiently kicked on this collection of copy-pasta bashisms, we're going to get it all nicely packaged up as a one of those new-fangled DevOpsish deploy scripts, and it should work for pretty much any Debian-based distribution.

No, it's not a DNS Hijack

Finally, if all goes well over the next few days, you should see an entirely new platform for all our bloggery, discussion boards, and shameless trolling. You can see the note from Community Manager Maria Varmazis on the welcome page today. I'm pretty excited about the move, scheduled for March 31, 2015.

What this all means for you is, when you get the password reset message from rapid7.com, you can rest assured that it's (probably) not a phishing attempt, a DNS hijack, or a timezone-agnostic April Fool's joke. It's really us, I swear. I mean, what's more convincing than an unsigned, unauthenticated, unsolicited reset request, pointing to a website that's running an entirely different backend from what you're accustomed to? Totes legit. (:

In an effort to assure you that this is a real change and not a trick, I have signed this statement over on GitHub with my public key (as asserted by keybase.io). Feel free to verify it with your favorite GPG/PGP signature authentication scheme -- try curl that-raw-gist-link | gpg --verify.

Of course, maybe this is all part of the ruse. There is really no end to paranoia, if you care to delve deep enough.

New Modules

Since the last Wrapup (diffs here), we have nine new modules: five exploits and four Post/Aux modules. Note that we've also renamed five WordPress-based exploit modules, so I've added those to a special section, since they will also appear to be "new." If you're using those in a scripted way, like a resource script or Task Chain or something, you'll want to update your script to pick the new ones. Otherwise, they're unchanged.